Re: on the use of chmod/chown in maintainer scripts
Russ Allbery <rra@debian.org> writes:
> Charles Plessy <plessy@debian.org> writes:
>
>> in some of my packages, I give the ownership on some directories in /var
>> to www-data without checking that the www-data group exists, but I guess
>> it is acceptable because it is globally allocated by base-passwd.
>
> Right.
>
>> Dpkg will not update permissions or ownership, but when creating the
>> directory it will apply the ones in the 'data' tar archive. So if there
>> was no package released with wrong settings, I assume this is safe. Or
>> am I simply relying on something undocumented and unwaranteed ?
>
> No, this is fine. But it only works for globally-allocated IDs in
> base-passwd. If you instead need to dynamically generate a system user on
> the fly and then set ownership of files to that user, which is a
> reasonably common case, this is more complex.
Actualy not quite. This fails during bootstrap if base-passwd is not yet
configured.
While base-passwd is essential the /etc/passwd is only created during
postinst and thus not covered by base-passwd being essential. So if you
are essential (or pseudo essential, something essential depends on you)
you have to depend on base-passwd to ensure your postinst is run after
base-passwd is configured.
MfG
Goswin
Reply to: